package com.jcx.ldzj.config;

import com.alibaba.fastjson.JSONObject;
import com.jcx.ldzj.emun.SystemCode;
import com.jcx.ldzj.entity.LoginUser;
import com.jcx.ldzj.utile.RedisUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;

import java.util.List;
import java.util.Set;

@Configuration
@Slf4j
public class MyRealm extends AuthorizingRealm {


    @Autowired
    private RedisUtil redisclient;

    @Override
    public boolean isPermitted(PrincipalCollection principals, Permission permission) {
        LoginUser loginUser = (LoginUser)principals.getPrimaryPrincipal();
        //对admin用户不做任何权限查询校验，所以这里重写shiro权限校验方法
        if(loginUser.isAdmin()){
            return true;
        }
        return super.isPermitted(principals, permission);
    }

    //权限验证
    /**
     *
     * @param principalCollection 所得参数为之前在登录时new SimpleAuthenticationInfo所传的第一个参数
     *                            该参数还可以用SecurityUtils.getSubject().getPrincipal();获得
     * 需要配合注解使用，这里存储的是某个用户具有的权限
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo();
        LoginUser loginUser = (LoginUser)principalCollection.getPrimaryPrincipal();
        //用户有的角色标识
        Set<String> roles = redisclient.setMembers(SystemCode.USER_ROLE + loginUser.getUserName());
        authorizationInfo.setRoles(roles);
        //需要绑定角色和资源
        List<String> Permissions = redisclient.lRange(SystemCode.USER_PERMISSIONS + loginUser.getUserName(), 0, -1);
        authorizationInfo.addStringPermissions(Permissions);
        return authorizationInfo;
    }
    //登录校验
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //获得当前用户
        UsernamePasswordToken usertoken= (UsernamePasswordToken)token;
        String userMap = (String)redisclient.hGet(SystemCode.USER_MAP, usertoken.getUsername());
        LoginUser loginUser = JSONObject.parseObject(userMap,LoginUser.class);
        if(loginUser==null){
            return null;
        }
       // List<LoginUser> list = MyCache.USER_LIST.stream().filter(user -> usertoken.getUsername().equals(user.getUserName())).collect(Collectors.toList());
        ByteSource byteSource=ByteSource.Util.bytes(SystemCode.ADD_SALT);
        //获取数据库用户跟当前用户进行比较
        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(loginUser,loginUser.getPassWord(),byteSource,"myRealm");

        return simpleAuthenticationInfo;
    }

}
